Optimizes Dockerfiles for build time, image size, security, and robustness. Activates when writing, reviewing, or refactoring Dockerfiles, or during Docker image builds.
How this skill is triggered — by the user, by Claude, or both
Slash command
/pproenca-dot-skills-1:dockerfile-optimiseThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Comprehensive Dockerfile optimization guide sourced exclusively from official Docker documentation. Contains 48 rules across 8 categories, prioritized by impact to guide automated refactoring and code generation.
Comprehensive Dockerfile optimization guide sourced exclusively from official Docker documentation. Contains 48 rules across 8 categories, prioritized by impact to guide automated refactoring and code generation.
Reference these guidelines when:
| Priority | Category | Impact | Prefix |
|---|---|---|---|
| 1 | Layer Caching & Ordering | CRITICAL | cache- |
| 2 | Multi-Stage Builds | CRITICAL | stage- |
| 3 | Base Image Selection | HIGH | base- |
| 4 | Build Context Management | HIGH | ctx- |
| 5 | Security & Secrets | HIGH | sec- |
| 6 | Dependency Management | MEDIUM-HIGH | dep- |
| 7 | Instruction Patterns | MEDIUM | inst- |
| 8 | Quality & Validation | MEDIUM | lint- |
cache-layer-order - Order layers by change frequencycache-copy-deps-first - Copy dependency files before source codecache-copy-link - Use COPY --link for cache-efficient layer copyingcache-mount-package - Use cache mounts for package managerscache-apt-combine - Combine apt-get update with installcache-external - Use external cache for CI/CD buildscache-invalidation - Avoid unnecessary cache invalidationcache-minimize-layers - Consolidate related RUN instructionsstage-separate-build-runtime - Separate build and runtime stagesstage-named-stages - Use named build stagesstage-parallel-branches - Exploit parallel stage executionstage-target-builds - Use target builds for dev/prodstage-copy-artifacts-only - Copy only final artifacts between stagesstage-reusable-base - Create reusable base stagesbase-minimal-image - Use minimal base imagesbase-official-images - Use Docker Official Imagesbase-pin-versions - Pin base image versions with digestsbase-arg-version - Use ARG before FROM to parameterize base imagesbase-rebuild-regularly - Rebuild images regularly with --pullbase-distroless - Use distroless or scratch images for productionctx-dockerignore - Use .dockerignore to exclude unnecessary filesctx-bind-mounts - Use bind mounts instead of COPY for build-only filesctx-minimize-context - Keep build context smallctx-syntax-directive - Use syntax directive for latest BuildKit features (prerequisite for cache mounts, secret mounts, heredocs, COPY --link)sec-secret-mounts - Use secret mounts for sensitive datasec-non-root-user - Run as non-root usersec-no-secrets-in-args - Never pass secrets via ARG or ENVsec-ssh-mounts - Use SSH mounts for private repository accesssec-attestations - Enable SBOM and provenance attestationssec-no-unnecessary-packages - Avoid installing unnecessary packagessec-ephemeral-containers - Design ephemeral, stateless containersdep-cache-mount-apt - Use cache mount for apt package managerdep-cache-mount-npm - Use cache mount for npm, yarn, and pnpmdep-cache-mount-pip - Use cache mount for pipdep-version-pin - Pin package versions for reproducibilitydep-cleanup-caches - Clean package manager caches in the same layerinst-json-cmd - Use JSON form for CMD and ENTRYPOINTinst-healthcheck - Define HEALTHCHECK for container orchestrationinst-heredoc-scripts - Use heredocs for multi-line scriptsinst-entrypoint-exec - Use exec in entrypoint scriptsinst-workdir-absolute - Use absolute paths with WORKDIRinst-copy-over-add - Prefer COPY over ADDlint-build-checks - Enable Docker build checkslint-pipefail - Use pipefail for piped RUN commandslint-labels - Use standard labels for image metadatalint-sort-arguments - Sort multi-line arguments alphabeticallylint-single-concern - One concern per containerRead individual reference files for detailed explanations and code examples:
| File | Description |
|---|---|
| references/_sections.md | Category definitions and ordering |
| assets/templates/_template.md | Template for new rules |
| metadata.json | Version and reference information |
npx claudepluginhub pproenca/dot-skillsDockerfile best practices, layer optimization, multi-stage builds, security, and image size reduction.
Optimizes Dockerfiles for smaller image sizes, faster builds, and improved security using multi-stage builds, layer caching, minimal bases, and non-root users.
Provides guidelines for ordering Dockerfile instructions from most stable (FROM, system deps) to least stable (code copy, build) to optimize layer caching. Use when creating or modifying Dockerfiles.